Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison

A 44-year-old man was sentenced to seven years and four months in prison for operating an “evil twin” WiFi network to steal passenger data during flights and at various airports across Australia.

The man, an Australian citizen, was charged in July 2024 after Australian authorities seized his devices in April and confirmed he was engaging in malicious activities during domestic flights and at the airports of Perth, Melbourne and Adelaide.

Specifically, the person was setting up an access point with a ‘WiFi Pineapple’ portable wireless access device and used the same name (SSID) as legitimate wireless networks at airports.

Users who connected to the malicious access point were directed to a phishing webpage that stole their social media account credentials.

The man used these credentials to access the women’s accounts, monitor their communications, and steal private images and videos.

“Forensic analysis of the data and seized devices identified thousands of intimate images and videos, personal credentials belonging to other people, and records of fraudulent WiFi pages,” Australian Federal Police (AFP) says.

“The day after the search warrant, the man deleted 1752 items from his account on a data storage application and unsuccessfully attempted to remotely wipe his mobile phone.”

After his belongings were seized on April 19, 2024, the man gained unauthorized access to his employer’s laptop to access information about confidential meetings between his employer and AFP investigators.

Eventually, the man admitted his guilt:

• Five counts of unauthorized access or modification of restricted data
• Three counts of attempting unauthorized access or modification of restricted data
• one count of theft
• Two counts of unauthorized loss of electronic communications
• One count of possessing or controlling data with intent to commit a serious crime
• One count of failure to comply with order under section 3LA(2)
• Two cases of attempt to destroy evidence

AFP Commander Renée Colley warned the public about the dangers of free WiFi, advising against using virtual private networks (VPNs), strong passwords and disabling file-sharing and automatic WiFi connectivity.

“Evil Twin” WiFi attacks are not common in the wild, but they are practically possible and can go unnoticed and even unreported in public places.

Captive portals on free WiFi access points should be treated with extra caution and should be rejected when requesting personal account information to log in.